Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

lploc94/codex-impl-review

Name: codex-impl-review
Author: lploc94

skill-packs/codex-review/skills/codex-impl-review/SKILL.md

npx skillsauth add lploc94/codex_skill codex-impl-review

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Codex Implementation Review

Purpose

Adversarial review on uncommitted changes before commit, or branch changes before merge.

When to Use

After writing code, before committing. For security-sensitive code, run /codex-security-review alongside.

Prerequisites

Working-tree (default): staged or unstaged changes exist.
Branch: current branch differs from base branch.

Runner

RUNNER="{{RUNNER_PATH}}" SKILLS_DIR="{{SKILLS_DIR}}" json_esc() { printf '%s' "$1" | node -e 'let d="";process.stdin.on("data",c=>d+=c);process.stdin.on("end",()=>process.stdout.write(JSON.stringify(d)))'; }

Critical Rules (DO NOT skip)

Stdin: printf '%s' "$PROMPT" | node "$RUNNER" ... -- NEVER echo. JSON via heredoc.
Validate: init output must start with CODEX_SESSION:. start/resume must return valid JSON. CODEX_NOT_FOUND->tell user install codex.
status === "completed" means Codex's turn is done -- NOT that the debate is over. MUST check Loop Decision table.
Loop: Do NOT exit unless APPROVE or stalemate. No round cap.
Errors: failed->retry once (re-poll 15s). timeout->report partial, suggest lower effort. stalled+recoverable->stop->recovery resume->poll; not recoverable->report partial. Cleanup sequencing: finalize+stop ONLY after recovery resolves.
Cleanup: ALWAYS run finalize + stop, even on failure/timeout.
Runner manages all session state -- NEVER read/write session files manually.
For detailed error flows -> Read references/protocol.md

Workflow

1. Collect Inputs

Scope: working-tree (staged/unstaged changes) or branch (diff vs base). Auto-detect via git status --short and git rev-list @{u}..HEAD. Effort: <10 files=medium, 10-50=high, >50=xhigh. Announce defaults. Working-tree inputs: working dir, user request, uncommitted changes. Branch inputs: base branch (validate git rev-parse --verify), clean working tree required, branch diff + commit log.

2. Pre-flight

Working-tree: git diff --quiet && git diff --cached --quiet must FAIL. Branch: git diff <base>...HEAD --quiet must FAIL.

3. Init + Render + Start

Init: node "$RUNNER" init --skill-name codex-impl-review --working-dir "$PWD" Render: template=working-tree-round1 or branch-round1. Placeholders: USER_REQUEST, SESSION_CONTEXT, BASE_BRANCH (branch only). Start: printf '%s' "$PROMPT" | node "$RUNNER" start "$SESSION_DIR" --effort "$EFFORT"

4. Poll -> Check Verdict -> Apply/Rebut -> Resume Loop

Poll + report activities. Parse review.blocks[] (id, title, severity, category, location, problem, suggested_fix). Verdict in review.verdict.status.

Check stalemate FIRST, then verdict (-> references/protocol.md § Debate Loop Protocol):

| # | Condition | Action | |---|-----------|--------| | 1 | convergence.stalemate === true | EXIT -> step 5 (stalemate). Do NOT render rebuttal. | | 2 | verdict === "APPROVE" | EXIT -> step 5 | | 3 | verdict === "REVISE" or open issues | CONTINUE -> sub-steps below |

If CONTINUE — all sub-steps are MANDATORY, even if you fix every issue:

4a. Categorize + Fix: For each review.blocks[] issue: ACCEPT (valid → fix code, verify) or DISPUTE (invalid → concrete proof). Branch mode: commit fixes before resume.

4b. Build rebuttal strings (one line per issue):

FIXED_ITEMS: "ISSUE-1: <title> — fixed in <file>:<line>\nISSUE-3: <title> — fixed in <file>:<line>"
DISPUTED_ITEMS: "ISSUE-2: <title> — <concrete reason>" or "None — all issues addressed" if all fixed.

4c. Render + Resume (reuse SESSION_CONTEXT from Step 1; USER_REQUEST is NOT a rebuttal placeholder):

# Working-tree: template=rebuttal-working-tree
PROMPT=$(node "$RUNNER" render --skill codex-impl-review --template rebuttal-working-tree --skills-dir "$SKILLS_DIR" <<RENDER_EOF
{"SESSION_CONTEXT":$(json_esc "$SESSION_CONTEXT"),"FIXED_ITEMS":$(json_esc "$FIXED_ITEMS"),"DISPUTED_ITEMS":$(json_esc "$DISPUTED_ITEMS")}
RENDER_EOF
)
# Branch: template=rebuttal-branch, add "BASE_BRANCH":$(json_esc "$BASE_BRANCH")
printf '%s' "$PROMPT" | node "$RUNNER" resume "$SESSION_DIR" --effort "$EFFORT"

Back to Poll. Codex MUST re-verify fixes and may find new issues.

5. Completion + Output

APPROVE -> done. Stalemate -> present deadlocked issues, ask user. Report: Rounds, Verdict, Issues Found/Fixed/Disputed, fixed defects by severity, residual risks, next steps.

6. Finalize + Cleanup

finalize + stop. Always run. (-> references/protocol.md for error handling)

Flavor Text Triggers

SKILL_START, POLL_WAITING, CODEX_RETURNED, APPLY_FIX, SEND_REBUTTAL, LATE_ROUND, APPROVE_VICTORY, STALEMATE_DRAW, FINAL_SUMMARY

Rules

If in plan mode, exit plan mode first -- this skill requires code editing.
Codex reviews only; it does not edit files. Preserve functional intent unless fix requires behavior change.
Every accepted issue -> concrete code diff.

lploc94/codex-impl-review

skill-packs/codex-review/skills/codex-impl-review/SKILL.md

Review uncommitted code changes or branch diff. Claude applies valid fixes, rebuts invalid points, iterates until consensus or stalemate.

67 stars

development

Updated May 27, 2026

$ install --global

skillsauth

npx skillsauth add lploc94/codex_skill codex-impl-review

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: May 27, 2026, 7:21 AM101.3s3 files scanned

SKILL.md

name:: codex-impl-review
description:: Review uncommitted code changes or branch diff. Claude applies valid fixes, rebuts invalid points, iterates until consensus or stalemate.

Codex Implementation Review

Purpose

Adversarial review on uncommitted changes before commit, or branch changes before merge.

When to Use

After writing code, before committing. For security-sensitive code, run /codex-security-review alongside.

Prerequisites

Working-tree (default): staged or unstaged changes exist.
Branch: current branch differs from base branch.

Runner

Critical Rules (DO NOT skip)

Stdin: printf '%s' "$PROMPT" | node "$RUNNER" ... -- NEVER echo. JSON via heredoc.
Validate: init output must start with CODEX_SESSION:. start/resume must return valid JSON. CODEX_NOT_FOUND->tell user install codex.
status === "completed" means Codex's turn is done -- NOT that the debate is over. MUST check Loop Decision table.
Loop: Do NOT exit unless APPROVE or stalemate. No round cap.
Errors: failed->retry once (re-poll 15s). timeout->report partial, suggest lower effort. stalled+recoverable->stop->recovery resume->poll; not recoverable->report partial. Cleanup sequencing: finalize+stop ONLY after recovery resolves.
Cleanup: ALWAYS run finalize + stop, even on failure/timeout.
Runner manages all session state -- NEVER read/write session files manually.
For detailed error flows -> Read references/protocol.md

Workflow

1. Collect Inputs

2. Pre-flight

Working-tree: git diff --quiet && git diff --cached --quiet must FAIL. Branch: git diff <base>...HEAD --quiet must FAIL.

3. Init + Render + Start

4. Poll -> Check Verdict -> Apply/Rebut -> Resume Loop

Poll + report activities. Parse review.blocks[] (id, title, severity, category, location, problem, suggested_fix). Verdict in review.verdict.status.

Check stalemate FIRST, then verdict (-> references/protocol.md § Debate Loop Protocol):

If CONTINUE — all sub-steps are MANDATORY, even if you fix every issue:

4a. Categorize + Fix: For each review.blocks[] issue: ACCEPT (valid → fix code, verify) or DISPUTE (invalid → concrete proof). Branch mode: commit fixes before resume.

4b. Build rebuttal strings (one line per issue):

FIXED_ITEMS: "ISSUE-1: <title> — fixed in <file>:<line>\nISSUE-3: <title> — fixed in <file>:<line>"
DISPUTED_ITEMS: "ISSUE-2: <title> — <concrete reason>" or "None — all issues addressed" if all fixed.

4c. Render + Resume (reuse SESSION_CONTEXT from Step 1; USER_REQUEST is NOT a rebuttal placeholder):

# Working-tree: template=rebuttal-working-tree
PROMPT=$(node "$RUNNER" render --skill codex-impl-review --template rebuttal-working-tree --skills-dir "$SKILLS_DIR" <<RENDER_EOF
{"SESSION_CONTEXT":$(json_esc "$SESSION_CONTEXT"),"FIXED_ITEMS":$(json_esc "$FIXED_ITEMS"),"DISPUTED_ITEMS":$(json_esc "$DISPUTED_ITEMS")}
RENDER_EOF
)
# Branch: template=rebuttal-branch, add "BASE_BRANCH":$(json_esc "$BASE_BRANCH")
printf '%s' "$PROMPT" | node "$RUNNER" resume "$SESSION_DIR" --effort "$EFFORT"

Back to Poll. Codex MUST re-verify fixes and may find new issues.

5. Completion + Output

APPROVE -> done. Stalemate -> present deadlocked issues, ask user. Report: Rounds, Verdict, Issues Found/Fixed/Disputed, fixed defects by severity, residual risks, next steps.

6. Finalize + Cleanup

finalize + stop. Always run. (-> references/protocol.md for error handling)

Flavor Text Triggers

SKILL_START, POLL_WAITING, CODEX_RETURNED, APPLY_FIX, SEND_REBUTTAL, LATE_ROUND, APPROVE_VICTORY, STALEMATE_DRAW, FINAL_SUMMARY

Rules

If in plan mode, exit plan mode first -- this skill requires code editing.
Codex reviews only; it does not edit files. Preserve functional intent unless fix requires behavior change.
Every accepted issue -> concrete code diff.

Related Skills

lploc94/codex-think-about

development

VerifiedTrustedCommunity

Peer debate between Claude Code and Codex on any technical question. Both think independently, challenge each other, converge to consensus or explicit disagreement.

67SKILL.mdUpdated May 27, 2026

lploc94/codex-think-about

lploc94/codex-security-review

development

VerifiedTrustedCommunity

Security-focused code review using OWASP Top 10 and CWE patterns. Detects vulnerabilities through adversarial debate.

67SKILL.mdUpdated May 27, 2026

lploc94/codex-security-review

lploc94/codex-pr-review

development

VerifiedTrustedCommunity

Peer debate between Claude Code and Codex on PR quality and merge readiness. No code modifications.

67SKILL.mdUpdated May 27, 2026

lploc94/codex-pr-review

lploc94/codex-plan-review

tools

VerifiedTrustedCommunity

Review/debate plans before implementation between Claude Code and Codex CLI. Can run in plan mode — debates the plan and edits the plan file to fix accepted issues.

67SKILL.mdUpdated May 27, 2026

lploc94/codex-plan-review

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/lploc94/codex_skill.git

# Copy into Claude Code skills folder (global)
cp -r codex_skill/skill-packs/codex-review/skills/codex-impl-review ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

lploc94/codex_skill

67 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT